Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/CGDEWL7LAUsTsDMZBmshOD8YZ44.roa
File: CGDEWL7LAUsTsDMZBmshOD8YZ44.roa (raw, json)
Hash identifier: oERH2D++XtlV4uhhDRX4A9UPpH+sck7vqyLscA9ErCY=
Subject key identifier: 08:60:C4:58:BE:CB:01:4B:13:B0:33:19:06:6B:21:38:3F:18:67:8E
Certificate issuer: /CN=28526132c4fcf6b4cdff740255602ccf9dcb042f
Certificate serial: 01856FE702B78E470C537209D6112EEF92A6
Authority key identifier: 28:52:61:32:C4:FC:F6:B4:CD:FF:74:02:55:60:2C:CF:9D:CB:04:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KFJhMsT89rTN_3QCVWAsz53LBC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/CGDEWL7LAUsTsDMZBmshOD8YZ44.roa
Signing time: Mon 02 Jan 2023 00:34:48 +0000
ROA not before: Mon 02 Jan 2023 00:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47337
IP address blocks: 46.16.152.0/21 maxlen: 24
2a02:2520::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:02:b7:8e:47:0c:53:72:09:d6:11:2e:ef:92:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28526132c4fcf6b4cdff740255602ccf9dcb042f
Validity
Not Before: Jan 2 00:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0860c458becb014b13b03319066b21383f18678e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:8b:e6:bf:2b:fe:96:14:87:00:f0:15:9c:
3a:62:cc:bb:1f:03:b5:7e:b6:23:41:74:98:fc:f6:
e5:69:f4:33:5a:a6:e1:1c:0f:b2:42:0b:8a:15:9e:
e7:da:75:93:f2:e3:d6:99:8f:f2:0b:17:18:b9:c9:
42:8e:3d:b2:a6:a1:ea:68:c7:eb:8f:8b:dd:81:34:
69:fa:34:a7:dc:47:26:8f:2a:91:42:af:cc:58:ea:
ab:03:55:24:00:8a:f0:ec:ba:05:a1:3a:5d:1a:d2:
b2:d2:36:4f:8c:9e:88:07:77:3d:3a:01:ba:d6:ab:
b4:47:b6:49:7d:38:f1:57:e2:20:7e:69:20:7e:2f:
a1:d8:ff:05:69:aa:b2:9f:ef:41:d9:11:bd:9b:f0:
95:e8:e4:34:ab:55:44:b8:e7:fb:a8:ef:63:30:d2:
c1:e6:d5:23:b7:da:14:ee:f3:42:86:c4:81:11:6d:
1d:37:7c:1f:bc:f5:b0:3e:93:6c:b9:c5:d4:71:2c:
fd:1a:9d:72:c8:e4:2d:be:a6:81:04:f8:9e:4d:c5:
5f:a6:03:93:be:ae:a9:fb:57:c3:0e:9c:ec:b2:cb:
dc:fc:ab:d6:aa:67:43:c8:7f:d1:61:a2:7f:ce:83:
67:d0:dd:3b:c6:34:b9:fc:26:b6:01:e7:62:e2:16:
ed:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:60:C4:58:BE:CB:01:4B:13:B0:33:19:06:6B:21:38:3F:18:67:8E
X509v3 Authority Key Identifier:
keyid:28:52:61:32:C4:FC:F6:B4:CD:FF:74:02:55:60:2C:CF:9D:CB:04:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KFJhMsT89rTN_3QCVWAsz53LBC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/CGDEWL7LAUsTsDMZBmshOD8YZ44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/KFJhMsT89rTN_3QCVWAsz53LBC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.152.0/21
IPv6:
2a02:2520::/32
Signature Algorithm: sha256WithRSAEncryption
3f:40:40:0f:95:ea:91:6f:dc:6e:cd:47:d7:21:7b:9d:8a:06:
c7:7c:f9:aa:38:b5:35:5f:c5:6b:bf:6e:1f:67:85:4d:d8:79:
e5:91:9d:b8:43:d3:a7:73:9d:db:21:cc:c5:ab:87:3d:ac:be:
d7:28:35:47:42:22:d2:3e:92:16:5f:fd:e1:0d:70:63:70:e7:
2a:b7:bf:fc:4d:11:c6:ae:cf:55:97:57:52:23:4d:60:e2:b6:
16:45:f6:69:82:fa:22:8c:fc:85:03:47:3a:d1:2f:e0:c5:ac:
48:5a:7b:15:67:ef:72:80:c4:dc:60:7a:3c:d8:52:f7:9d:0b:
b4:b4:4b:47:e8:28:11:0a:fd:96:26:a3:40:5a:d0:ae:02:58:
e9:dd:8b:b4:d7:6d:77:63:27:9b:7d:dc:74:36:e2:68:55:3c:
3e:5f:e7:c7:95:9e:25:6a:d6:e2:03:f6:27:2b:8b:d1:10:95:
54:a9:f6:10:e5:ac:7c:0d:01:0c:09:80:7a:74:4e:a5:a0:43:
5a:6d:74:9b:86:c9:a9:f3:eb:4c:f9:17:78:2e:69:6e:91:44:
40:d4:9d:eb:80:68:33:10:00:9c:38:8c:ee:35:54:92:26:c2:
e2:39:73:27:e5:5d:be:df:03:b8:b8:8f:e0:ab:40:be:e3:82:
4d:5d:de:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv5wK3jkcMU3IJ1hEu75KmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NTI2MTMyYzRmY2Y2YjRjZGZmNzQwMjU1NjAyY2NmOWRj
YjA0MmYwHhcNMjMwMTAyMDAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYwYzQ1OGJlY2IwMTRiMTNiMDMzMTkwNjZiMjEzODNmMTg2NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF6L5r8r/pYUhwDwFZw6Ysy7HwO1
frYjQXSY/PblafQzWqbhHA+yQguKFZ7n2nWT8uPWmY/yCxcYuclCjj2ypqHqaMfr
j4vdgTRp+jSn3EcmjyqRQq/MWOqrA1UkAIrw7LoFoTpdGtKy0jZPjJ6IB3c9OgG6
1qu0R7ZJfTjxV+Igfmkgfi+h2P8Faaqyn+9B2RG9m/CV6OQ0q1VEuOf7qO9jMNLB
5tUjt9oU7vNChsSBEW0dN3wfvPWwPpNsucXUcSz9Gp1yyOQtvqaBBPieTcVfpgOT
vq6p+1fDDpzsssvc/KvWqmdDyH/RYaJ/zoNn0N07xjS5/Ca2Aedi4hbtswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAhgxFi+ywFLE7AzGQZrITg/GGeOMB8GA1UdIwQY
MBaAFChSYTLE/Pa0zf90AlVgLM+dywQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0ZKaE1zVDg5clROXzNRQ1ZXQXN6NTNMQkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC84MzE2OGItNmI0MC00ZDEyLThlZDct
MWY5OTMxN2M2Yzk0LzEvQ0dERVdMN0xBVXNUc0RNWkJtc2hPRDhZWjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC84MzE2OGItNmI0MC00ZDEyLThlZDctMWY5OTMxN2M2Yzk0
LzEvS0ZKaE1zVDg5clROXzNRQ1ZXQXN6NTNMQkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLhCYMA0E
AgACMAcDBQAqAiUgMA0GCSqGSIb3DQEBCwUAA4IBAQA/QEAPleqRb9xuzUfXIXud
igbHfPmqOLU1X8Vrv24fZ4VN2HnlkZ24Q9Onc53bIczFq4c9rL7XKDVHQiLSPpIW
X/3hDXBjcOcqt7/8TRHGrs9Vl1dSI01g4rYWRfZpgvoijPyFA0c60S/gxaxIWnsV
Z+9ygMTcYHo82FL3nQu0tEtH6CgRCv2WJqNAWtCuAljp3Yu01213Yyebfdx0NuJo
VTw+X+fHlZ4latbiA/YnK4vREJVUqfYQ5ax8DQEMCYB6dE6loENabXSbhsmp8+tM
+Rd4LmlukURA1J3rgGgzEACcOIzuNVSSJsLiOXMn5V2+3wO4uI/gq0C+44JNXd6u
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:11 2024 by rpki-client on console.sobornost.net